From: Willy Tarreau Date: Wed, 17 Jan 2018 14:48:53 +0000 (+0100) Subject: BUG/MINOR: poll: too large size allocation for FD events X-Git-Tag: v1.9-dev1~514 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=cc35923c329bbadc78c1c026ce4e45e115852abe;p=thirdparty%2Fhaproxy.git BUG/MINOR: poll: too large size allocation for FD events Commit 80da05a ("MEDIUM: poll: do not use FD_* macros anymore") which appeared in 1.5-dev18 and which was backported to 1.4.23 made explicit use of arrays of FDs mapped to unsigned ints. The problem lies in the allocated size for poll(), as the resulting size is in bits and not bytes, resulting in poll() arrays being 8 times larger than necessary! In practice poll() is not used on highly loaded systems, explaining why nobody noticed. But it definetely has to be addressed. This fix needs to be backported to all stable versions. --- diff --git a/src/ev_poll.c b/src/ev_poll.c index f9e445113c..610509bd6f 100644 --- a/src/ev_poll.c +++ b/src/ev_poll.c @@ -205,7 +205,7 @@ REGPRM1 static int _do_init(struct poller *p) int fd_evts_bytes; p->private = NULL; - fd_evts_bytes = (global.maxsock + sizeof(**fd_evts) - 1) / sizeof(**fd_evts) * sizeof(**fd_evts); + fd_evts_bytes = (global.maxsock + sizeof(**fd_evts) * 8 - 1) / (sizeof(**fd_evts) * 8) * sizeof(**fd_evts); if ((fd_evts[DIR_RD] = calloc(1, fd_evts_bytes)) == NULL) goto fail_srevt;